17 Apr
2026
17 Apr
'26
10:58 a.m.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=42317 --- Comment #6 from Marcel de Rooy <m.de.rooy@rijksmuseum.nl> --- (In reply to David Cook from comment #0)
CVE-2014-1626 notes vulnerabilities in MARC::File::XML in versions less than 1.0.2.
Looking at Koha's cpanfile we say that we require at least version 1.0.1, but that should be updated to 1.0.2 or even 1.0.5 since in practice only 1.0.5 is really available via CPAN or Debian repos.
Confirmed bullseye libmarc-xml-perl (1.0.5-1) -- You are receiving this mail because: You are watching all bug changes.